Application Compatibilities when upgrading your servers from Windows 2003 to Windows 2008

 

The reason I am coming up with this blog is because of my own experience when upgrading my existing Windows 2003 test lab from Windows 2003 to Windows 2008. I hit so many road blocks where I was forced not to upgrade to Windows 2008 rather to migrate to a new server with Window 2008.

I have put together few applications which faced few-issues/no-issues when upgrading to Windows 2008.

I have fairly simple architecture but yet a very common one. In my lab I have a Windows 2003 Domain controller, Windows 2003 based Exchange 2007, Windows 2003 based MOSS 2007 and Windows 2003 based SCCM 2007 server.

Active Directory Servers

1.       Active Directory servers can be migrated or upgraded to windows 2008. Before introducing the Windows Server 2008 in a Windows 2003 domain environment run the following commands on your Windows 2003 Domain Controllers

a.       Run Windows2008CD > Sources > ADPrep > adprep /forestprep command on your root DC

b.      Run Windows2008CD > Sources > ADPrep > adprep /domainprep command on each of your Windows 2003 Domain Controllers

c.       Run Windows 2008CD > Sources > ADPrep > adprep /domainprep /gprep  on the domain controller which issues group policies. You may also run it on all your windows 2003 domain controllers

Exchange 2007

In-Place Upgrade

1.       In-place upgrade of Exchange 2007 on Windows 2003 to Windows 2008 is not possible. This is due to number of reasons. When you try to run the setup on the Exchange 2007 with or without SP1, it is going to tell you to uninstall PowerShell which itself is a roadblock as it’s a required component for Exchange 2007. Now, Exchange 2007 can be installed fresh on a pre-installed Windows 2008. For doing so, you would need Exchange 2007 with SP1

Migration

2.       Migration can be done from Windows 2003-Exchange 2007 to Windows 2008-Exchange 2007 SP1

MOSS 2007

In-Place Upgrade

1.       In-place upgrade requires you follow an article http://support.microsoft.com/kb/943605 if you are using the SharePoint Services Search. You need to stop the service before you upgrade it to the Windows 2008 platform.

Migrating from Windows 2000 Domain to Windows 2008

 

1. Verify that Windows 2000 SP4 have been installed on the Existing Windows 2000 Domain Controllers 
2. The domain functional level should be in Windows 2000 native mode for the Windows 2000 domain Controllers.

3. Upgrade the Windows 2000 forest schema by running "adprep /forestprep" command on Windows 2000 Server using the Setup CD for Windows 2008

4. Upgrade the Windows 2000 domain schema by running "adprep /domainprep" command on Windows 2000 Server
5. Install the Windows 2008 on a separate server and make it the member server of Windows 2000 domain Note: Windows 2008 is only supported on 64bit servers in production
6. Run DCPROMO on new server to promote it as an additional domain controller in existing Windows 2000 domain. Install the DNS Server during the Active Directory installation process
7. Enable Global Catalog on new server and manually Check Replication Topology
8. Disable Global Catalog on old server.
9. Use NTDSUTIL to transfer all the 5 FSMO roles from old server to new server. Run the commands in the below order.
   1. NTDSUtil
   2. Roles
   3. Connection
   4. Connect to server <Server name to which roles are to be transferred>
   5. Transfer <Server Role>
10. Switch off the existing Windows 2000 domains. Demote the servers only when you are sure that everything is working fine with Windows 2008 Servers

Enjoy !!

Migrating Windows 2000 to Windows 2003 Domain – Intra Forest

 

Hi Everyone,

 

   I am writing the brief step by step procedure to Migrate from Windows 2000 to Windows 2003 Domain in an Intra Forest Topology

 

Scenario:  we have Fabrikam.com (windows 2000 domain) and contoso.com (windows 2003 domain) two forests. Fabrikam.com has 1000 users and groups which needs to be migrated to contoso.com

 

Source Domain: Fabrikam.com

Target Domain: Contoso.com

 

note: if you want to keep the same name and for the domain as your current then the easiest way is to make ADC in the same forest and let all the objects migrate to the new domain controller

 

1. On contoso.com go to the DNS and add the IP address of Fabrikam.com’s DNS in it’s forwarder
2. Now, on fabrikam.com go to DNS and add the IP address of Contoso.com’s DNS in it’s forwarder
3. Test if both ways you can ping and resolve the names
4. Download the ADMT 3.0 from http://www.microsoft.com/downloads/details.aspx?familyid=6F86937B-533A-466D-A8E8-AFF85AD3D212&displaylang=en
5. Install the ADMT tool on the target domain. In our case its Contoso.com
6. Open ADMT console and right click on the left side "Active Directory Migration Tool" and seclect Migrate Groups Wizard
7. Follow the wizard and select the appropriate groups to be migrated
8. Once finished check the report if there are any errors
9. Now, you need to install the Password Export server (PES) on the Source Domain. In our case it’s Fabrikam.com. PES folder is by default created under the installation directory of your ADMT. Default location is <Drive:>/Windows/ADMT
10. While installing PES you would need to provide .PES file for password encryption
11. Go to the server on which we installed the ADMT tool
12. Run CMD
13. Type ADMT Key /Option:Create /SourceDomain: <Give Source Domain> /KeyFile:<path to store the key File>
14. Open the <path to store the key File> you created and copy it to the source domain
15. Now, complete the installation of the Password Export Server on the source domain
16. Go to Services on the source domain and search for "password Export Server Service"
17. Stop the service if its started. Open the service properties and go to "Log On" Tab
18. Click browse and select the target forest and select Administrator or similar privilaged user account
19. Start the service
20. Now, go to the target server and open ADMT tool
21. Right click on the left side "Active Directory Migration Tool" and select Migrate users Wizard
22. Complete the user migration wizard
23. Check for any possible errors
24. Once the user migration is done redo the step 6 and 7 to ensure that Group memberships are fixed
25. Right click on the left side "Active Directory Migration Tool" and select Computer Migration Wizard
26. Follow the wizard and select the computer accounts to be moved to the new domain
27. Once completed ADMT pop-ups a window which let you run the ADMT Agent on machine. Select "Run Pre-check and Agent Operation" and click start
28. For performing the above step, Add the target Domain’s Administrator account to the Local Administrators group for each of the client machines
29. Note ** All machines which you are migrating should be turned on at this point in time
30. Once the machine is restarted automatically, it will be joined to the new domain
31. Go to the target server and go to "Active directory Domains and Trusts". Break the forest level trust
32. Demote the source domain from the network

 

Additional resources

http://support.microsoft.com/kb/326480

http://support.microsoft.com/kb/216498

http://support.microsoft.com/kb/255504

http://www.petri.co.il/transferring_fsmo_roles.htm